Active Directory Certificate Services (AD CS)

Contributor(s): Toni Boger

Active Directory Certificate Services (AD CS) is an Active Directory tool that lets administrators customize services in order to issue and manage public key certificates.

Applications supported by AD CS include Secure/Multipurpose Internet Mail Extensions (S/MIME), secure wireless networks, virtual private networks (VPN), Internet Protocol security (IPsec), Encrypting File System (EFS), smart card logon, Secure Socket Layer/Transport Layer Security (SSL/TLS) and digital signatures.

AD CS, which can be managed through Microsoft Management Console snap-ins or Server Manager,  has six components:

CA Web enrollment - connects users to a CA with a Web browser

Certification authorities (CAs) - manages certificate validation and issues certificates

Certificate Enrollment Policy Web Service - allows computers and users to retrieve information about their certificate enrollment policy

Certificate Enrollment Web Service - allows computers and users to enroll certificates using HTTPS

Network Device Enrollment Service - lets network devices without domain accounts retrieve certificates.

Online Responder - responds to requests about a certificate's status

This was last updated in January 2014

Continue Reading About Active Directory Certificate Services (AD CS)

Dig Deeper on Microsoft Active Directory Design and Administration



Find more PRO+ content and other member only offers, here.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.


File Extensions and File Formats